Dddkiao

**Name of the Vulnerable Software and Affected Versions** TwoNav version 2.1.13 **Description** The issue is related to a Server-Side Request Forgery (SSRF) vulnerability. This vulnerability can be exploited via the `url` parameter to the API endpoint "index.php?c=api&method=read data&type=connectivity test", which ultimately reaches "/system/api.php". **Recommendations** For TwoNav version 2.1.13, consider disabling access to the "index.php?c=api&method=read data&type=connectivity test" endpoint until a patch is available. Restrict the use of the `url` parameter in this endpoint to minimize the risk of exploitation.